Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/o6m3yqlmJc8MIjehmgCLJH4siQY.roa
File:                     o6m3yqlmJc8MIjehmgCLJH4siQY.roa (raw, json)
Hash identifier:          x+KIEKiWVSKl68yF8taNMPcl8AGx3l2ruhHBnACtBkA=
Subject key identifier:   A3:A9:B7:CA:A9:66:25:CF:0C:22:37:A1:9A:00:8B:24:7E:2C:89:06
Certificate issuer:       /CN=1395a3a8fc8dd34dd6f3c950c661f4b2127175a5
Certificate serial:       0F3BE4C5
Authority key identifier: 13:95:A3:A8:FC:8D:D3:4D:D6:F3:C9:50:C6:61:F4:B2:12:71:75:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E5WjqPyN003W88lQxmH0shJxdaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/o6m3yqlmJc8MIjehmgCLJH4siQY.roa
Signing time:             Sat 01 Jan 2022 13:06:09 +0000
ROA not before:           Sat 01 Jan 2022 13:06:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58253
IP address blocks:        185.150.64.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 255583429 (0xf3be4c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1395a3a8fc8dd34dd6f3c950c661f4b2127175a5
        Validity
            Not Before: Jan  1 13:06:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3a9b7caa96625cf0c2237a19a008b247e2c8906
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:dc:29:85:25:10:62:5c:53:0c:80:32:8e:94:
                    00:14:e0:1f:bf:88:e5:fc:2e:21:24:86:91:c7:6d:
                    58:fe:8a:72:96:12:f9:fd:ff:7a:5c:77:f9:f2:f2:
                    9c:b2:fd:4f:03:35:15:25:e6:e7:f8:0a:01:64:4b:
                    69:13:67:21:fd:da:e4:2f:bf:29:d9:b7:e4:4a:c3:
                    7c:2b:a1:ae:cf:04:01:f9:01:5b:e9:2d:89:f9:f6:
                    ee:99:b5:01:0a:17:a4:a3:ce:7d:e5:7a:18:19:b4:
                    2d:62:18:88:9f:a1:cc:e4:26:21:b0:78:22:92:e2:
                    27:b1:fc:a9:64:e9:30:dd:67:89:4b:5a:5d:be:39:
                    f4:f6:d2:00:ad:bf:8b:b7:41:f8:08:c1:c6:a3:e4:
                    79:3d:cc:d0:51:04:85:f2:ef:a5:d2:76:86:a7:be:
                    bd:3e:5b:75:9b:e1:fb:f0:aa:42:41:17:ca:5f:9d:
                    e0:30:c8:6f:ac:d0:44:ac:52:aa:85:9e:6b:f5:aa:
                    62:06:9d:b4:05:50:ef:cb:31:10:32:a4:28:be:85:
                    ee:eb:5d:fc:d2:cc:bd:29:bf:10:98:14:07:cc:77:
                    5e:85:ff:bb:aa:ff:13:ea:57:dd:ec:2c:5e:ca:af:
                    29:e5:a3:80:db:50:5a:3b:a1:fb:a5:66:ce:b1:fc:
                    8d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:A9:B7:CA:A9:66:25:CF:0C:22:37:A1:9A:00:8B:24:7E:2C:89:06
            X509v3 Authority Key Identifier:
                keyid:13:95:A3:A8:FC:8D:D3:4D:D6:F3:C9:50:C6:61:F4:B2:12:71:75:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5WjqPyN003W88lQxmH0shJxdaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/o6m3yqlmJc8MIjehmgCLJH4siQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/E5WjqPyN003W88lQxmH0shJxdaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:a6:2d:1b:b9:5e:4d:bd:71:8f:8b:69:b6:0a:c9:bb:5b:f4:
         56:2e:67:f3:a2:f6:1d:96:0b:69:fd:e3:bd:52:35:b4:bb:8c:
         d7:0c:30:fd:72:80:78:20:68:ac:e8:52:f6:13:52:1f:2d:91:
         aa:ba:5e:7c:42:35:1d:20:aa:dc:60:75:ac:cd:d2:75:7e:e3:
         8c:2b:93:72:a4:a3:50:23:c0:83:09:98:cb:e6:0e:24:ac:5c:
         d4:ec:76:d0:f8:7e:29:d0:ca:7d:7e:d5:c5:c7:9b:61:c7:02:
         fa:77:96:eb:b3:19:0c:f4:38:6b:39:af:13:71:94:f6:21:a7:
         97:8e:c8:b5:74:ae:92:fa:17:ea:77:85:e5:6e:b9:0e:a3:8f:
         38:20:af:2e:f5:2d:73:a2:be:00:ae:ba:45:b9:30:3d:2f:2b:
         76:a7:a3:15:45:15:8c:f7:25:ca:3c:f6:02:54:31:59:b6:9c:
         bf:bc:bf:1d:da:47:00:cc:23:b6:2e:b4:cf:56:7c:ac:f9:b3:
         46:09:da:b2:83:5c:83:0f:cb:0e:e7:3b:d5:60:fe:85:6c:32:
         cf:dc:02:da:7b:19:1c:5b:3d:75:76:b0:90:f7:36:cf:bf:83:
         af:2b:12:82:16:d9:42:d7:cc:6e:93:15:8e:c7:49:c6:19:24:
         b3:b7:d3:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDzvkxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Mzk1YTNhOGZjOGRkMzRkZDZmM2M5NTBjNjYxZjRiMjEyNzE3NWE1MB4XDTIyMDEw
MTEzMDYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNhOWI3Y2FhOTY2
MjVjZjBjMjIzN2ExOWEwMDhiMjQ3ZTJjODkwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXcKYUlEGJcUwyAMo6UABTgH7+I5fwuISSGkcdtWP6KcpYS
+f3/elx3+fLynLL9TwM1FSXm5/gKAWRLaRNnIf3a5C+/Kdm35ErDfCuhrs8EAfkB
W+ktifn27pm1AQoXpKPOfeV6GBm0LWIYiJ+hzOQmIbB4IpLiJ7H8qWTpMN1niUta
Xb459PbSAK2/i7dB+AjBxqPkeT3M0FEEhfLvpdJ2hqe+vT5bdZvh+/CqQkEXyl+d
4DDIb6zQRKxSqoWea/WqYgadtAVQ78sxEDKkKL6F7utd/NLMvSm/EJgUB8x3XoX/
u6r/E+pX3ewsXsqvKeWjgNtQWjuh+6VmzrH8jS0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjqbfKqWYlzwwiN6GaAIskfiyJBjAfBgNVHSMEGDAWgBQTlaOo/I3TTdbz
yVDGYfSyEnF1pTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U1V2pxUHlOMDAzVzg4bFF4bUgwc2hKeGRhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvNTJjNDQ4LTFjYjktNGJlYi04ZmMyLWYwNDhhOTI2NmZjZi8x
L282bTN5cWxtSmM4TUlqZWhtZ0NMSkg0c2lRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
NTJjNDQ4LTFjYjktNGJlYi04ZmMyLWYwNDhhOTI2NmZjZi8xL0U1V2pxUHlOMDAz
Vzg4bFF4bUgwc2hKeGRhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmWQDANBgkqhkiG9w0BAQsFAAOC
AQEAMKYtG7leTb1xj4tptgrJu1v0Vi5n86L2HZYLaf3jvVI1tLuM1www/XKAeCBo
rOhS9hNSHy2RqrpefEI1HSCq3GB1rM3SdX7jjCuTcqSjUCPAgwmYy+YOJKxc1Ox2
0Ph+KdDKfX7VxcebYccC+neW67MZDPQ4azmvE3GU9iGnl47ItXSukvoX6neF5W65
DqOPOCCvLvUtc6K+AK66RbkwPS8rdqejFUUVjPclyjz2AlQxWbacv7y/HdpHAMwj
ti60z1Z8rPmzRgnasoNcgw/LDuc71WD+hWwyz9wC2nsZHFs9dXawkPc2z7+DrysS
ghbZQtfMbpMVjsdJxhkks7fTyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:58 2024 by rpki-client on console-fra.rpki-client.org